Microsoft Windows – Promoting Mediocrity Since 1985

I am a Unix / Linux guy writing this article out of sheer frustration, so if one does not like pointed, accurate ranting about that Not A Unix OS to which one may be partial, stop here.

Our company web log, web site, shopping site and forum get hit by varying degrees with SPAM bots, or in some cases possibly paid SPAM shills, signing up for accounts, posting “comments” and sending “track-backs” that aren’t. Constant administration oversight is needed to keep these cleaned up, which is one reason why all comments and track-backs here at The ERACC Web Log are moderated. We see the SPAM so you don’t have to. I also see the occasional SPAM in my e-mail. Even though I have measures in place to mitigate the problem in all these locations, nothing completely stops these annoying SPAM-ing jerks. Invariably, when I trace back the IP addresses of these SPAM attempts with nmap and check the running OS I see something like this:

It seems another technically ignorant Microsoft user, or dare I say “administrator”, has zero clue how to secure an internet facing operating system. (By the way, saying these folk are ignorant is not a slur on their character, because ignorance can be cured.) You see, when a company designs an operating system so mediocre and so “easy” an ignorant person can use it to connect a computer to the internet, you get ignorant people connecting computers to the internet. This in and of itself is not necessarily a Bad Thing™. Unless the operating system in question has flawed design decisions from its inception that leave the OS open to attack when connected to the internet by ignorant users. (Psst, meaning Microsoft Windows from 1985 to now.) Yes, all the Microsoft “guru” types out there are gnashing teeth and insisting Microsoft operating systems can be secured. Yup, I agree. But not by the technically clueless who are coddled by intellect smothering GUI love, which means the majority of Microsoft users.

Too many Microsoft users have been taught the attitude, “I don’t want to have to learn something ‘hard’, I just want this thing to work.” when talking about computer systems. This brings to mind one of my favorite paragraphs from a book I have read more than once:

“Would you fight so with a sword? No? I thought not! You would try to cut your enemy even as his blade split your heart. That is the Angrezi vice; you would rather die than go to the effort of thinking. You are not stupid, but you are lazy —” He touched the side of his head to show what he meant. “You will toil like bullocks with your bodies rather than make your brains sweat.”

Unfortunately, since Microsoft systems always use a brain atrophying GUI for Every Freaking Thing, the ignorant users are usually not taught how to think for themselves. So these people rarely know the hows and whys of network security or how to parse and solve network problems with their own brain. The GUI keeps these poor people ignorant. If “it” is not in a GUI, “it” is not possible or even knowable as far as many of these folks are concerned. Substitute some network security task for “it” in the previous sentence. (Hey, you. Yeah, you over there using that Microsoft OS. That is a multifunction tool called a computer, not a microwave oven or a toaster or a television set. Get an OS that can teach you that.)

Further, when basic design decisions are made that start off without any thought of security for this same operating system you get an operating system that is easy to suborn, regardless of the endless Microsoft Patch Tuesdays. Anti-malware is a bandage at best, because anti-malware is primarily retroactive. Anyone who is honest will admit that there are attacks that get through anti-malware on Microsoft systems all the time. Not every Microsoft system, because eventually the anti-malware vendors catch up. But if one is the first to get a new “infection”, one’s “heuristic” anti-malware has a fair chance of not catching a new malicious package introduced through that “Excellent FaceBook Page!!!11!!” one just visited with Internet Explorer. (For the record, it is not a “PC Virus”, sweetie, it is a “Microsoft Windows Virus”.)

Add to this heinous equation all the clueless Microsoft users and Microsoft “administrators” clicking their way to GUI Nirvana to realize a world-wide network nightmare called Microsoft Bot-nets, Microsoft SPAM relays and other Microsoft related malware spewing sewers. Here have some Microsoft based SPAM, or a Microsoft based DOS attack. Isn’t mediocrity just Totally Sweet?

When a company promotes ease of use mediocrity over security for its operating systems, perhaps its operating systems should not be allowed on the internet. I’m just saying …

Notice: All comments here are approved by a moderator before they will show up. Depending on the time of day this can take several hours. Please be patient and only post comments once. Thank you.

Published by

Gene A.

Gene is a "Unix Guy", network technologist, system trouble-shooter and IT generalist with over 20 years experience in the SOHO and SMB markets. He is familiar with and conversant in eComStation (a.k.a. OS/2), DOS (PC, MS and Free), Unix, Linux and those GUI based systems from Microsoft. Gene is also a follower of Jesus (forgiven, not perfect), and this does inform his world view.
View all posts by Gene A.

For the record, in case some of you might believe I am a "GUI hater", I like using a GUI to get some of my work done. I use a GUI every day to get things done. I use OpenOffice regularly as well as Liferea, Firefox, Opera, Evolution, etcetera. After all, I do not do this and my other company web sites with a plain text editor from the command line. My complaint is against attempts to completely remove powerful command line tools and dumb down administrators as a result, ie "the Microsoft way".

Yep. I'm beginning to be quite successful in converting a fellow sys admin to Linux due to the GUI hell of Windows administration and the accompanying administration of Windows only software. The company recently decided to jump on the Citrix virtualization bandwagon, only to discover that everything is only configurable via GUIs nested within GUIs, nested within GUIs, in Windows only, even though the system runs on a Linux platform. The support calls are laughable… "Yeah, such and such is not working all of the sudden…" Support says "Okay, start your Server 2008 Citrix Management Console [that interfaces with the Linux based Citrix server], go to such and such, click this, click that, click there, select some object, right click, edit… now type set_blabla_permissions=1." So why the GUI? Why not console and type that directly into a file? Making computers easy makes them harder to use. Give me control or give me nothing. GUIs are for games, pictures, videos, and eye candy, not administration.
My dream is an environment free from Windows. I hope to someday see that dream a reality.

I am inclined to agree with you about people who set up Internet facing computers with no knowledge of computer security. I see it all the time in my work. I often arrive at a professional office such as the office of a doctor or an attorney to fix a problem. They have purchased and configured a Microsoft Windows Server operating system by themselves with no help from a technically knowledgable person. I find that they often have created a situation where security and reliability are at risk. These people always start with the idea that they can figure out the issues as they go. Why should they hire a consultant to help them purchase and configure their office LAN or their email server or their IIS server? They believe that it is all very simple and that Microsoft has solved all of the high level technical issues.
I often try to point out the vulnerabilities in their configuration but it is often like pearls before swine. They use Microsoft Windows at home. They already purchased and set up a Windows server. They don't understand or care about the potential problems that can result from insufficient security or insufficient disaster recovery planning. Even when they have suffered some loss such as when a malicious employee deletes years of project files or client records these people do not appreciate that computer administration is not for the ignorant. I tell these people how they could have avoided or mitigated some damage that was done and they still believe that they can handle it all themselves. They often ask me for details of what I would do if they hired me to reconfigure their computer environment. Most of the time, I have found, these people just want to know some specifics so that they can go ahead and try to implement those things themselves without my help.
I've been supporting small businesses for over seven years now and I am really sick to death of these ignorant cowboys. I worked in large businesses for twenty years before I started my own support business focused on supporting small businesses so I've got a lot of experience in all areas of business computer support. I have a lot of trouble persuading these professional people that they should have a computer support expert help them run their business computing environment.

Yup my friend, blame the chaos on M$ 's side. They flooded the market with their crappy OS, and made people believe any average Joe could handle it. When they did it, they devalued the IT professionals and now here is where we all stand: Security(broken) is a mess, users think they can manager their systems and IT professionals are not respected.
I long for the day the users will realize all the years of stupidity, blindly following the M$'s lies.

I can attest this culture that runs throughout Microsoft land. I am a "certified" Windows Sysadmin who began getting curious when I read Microsoft marketing that touted how much less companies could hire Windows Sysadmins for then the Unix/Linux counterpart. I was very offended and felt like someone who had been duped it was like they were selling one set of gods to me to get "certified" then telling their customers how a less intelligent person could be hired to administer their environments. Well I have since gave up on the Windows GUI chasing. I started feeling when taking cert tests like all I was doing was learning how Microsoft added new buttons to a GUI or made a new pretty interface for a new "product", It's like they dress real technology up in cheap clothing. The technology of DNS,DHCP and over all security suffers under this "easier" to use operating system. I still bounce back and forth to my Windows partition on my laptop simply because some of the streaming video I watch is sub-par on my Ubuntu desktop. I hope that area improves but hands down Linux is superior for development work and truly dealing with the technology your trying to work with rather then the dressed up nightmare Windows has become. I can't believe Windows admins haven't gotten tired of trying to remember which check box he clicked or where that wizard was that was seven levels deep in an "easy to use" interface. I think the world is slowly awakening to this reality. Oh by the way Powershell wasn't the answer they thought it would be, at least for me. It is more of the same, hide the system from intelligent people with an easy to use OS that did nothing but make Windows so complex no one really knows how it all works by their own admission.

You have some valid points, but I don't think it's fair to blame GUIs for all the problems. If the underlying system is secure, than anything sitting on top of it will be too. I am an avid Linux user and due to being on the autism spectrum, I do much better with a GUI than tinkering around in the terminal (most of the time…sometimes command-line is really fast compared to GUI).

The GUI was designed to give users more productivity, and I think it has done that. If you forced the 'average' or 'below-average' user to use non-GUI tools to do their everyday work, they wouldn't get much done. Mr. or Ms. Office Worker doesn't care about iptables or selinux, they just want the dag-berned computer to work so they can write their document, make a spreadsheet or play stupid games on Facebook.
Just like software developers have to put all kinds of safeguards into programs to deal with user error, OS makers need to do the same with security. Yes, the user should be responsible, but let's face it…people's eyes start to glaze over once you start lecturing them about internet safety. The OS makers are going to have to pick up the slack and make default security settings secure, non-invasive and easy to manage. The prompts to log in or otherwise approve an action that might affect system security get ignored after a while, so the OS will need to be smarter when the user is not.
Just my 3 cents.

to be true there is toolz that can feed Any OS in query reply.
Users? Nah i have some VPN bank servers and firm computers trying to bruteforcein.
Reasons? BAD policy/prosecution towards crackers and IT folk in 10 past years. BAD default security options in popular systems. BAD government reaction(covering) to business spam/information fetching firms. AND demand on such services which is main.
AND you are quite lazy too you spend nights not in developing security policy and algorithms to prevents spam on site or make it not interesting to spammers(remove lines with @ or . . . etc.) . About people habit it's normal there will be no regular and pro's if it will be not so.

The GUI is not a bad thing for someone who is dilligent. The problem is that it is a dangerous thing for people who are lazy. It makes good business for consultants who get called in to fix the mess after lazy admins have only gotten their system sort of working with the GUI.
The biggest problem with Windows is that it tries to be everything to everybody when a given server should try to do the least. It is easy to divide services between Linux boxes. It is a nightmare to stop Windows from trying to help you all the time. When you setup a Linux server properly, it does that service and nothing else. You do not have that level of control with Windows. Windows is always doing a 1000 things for (to) you that you do not want or need whether you like it or not. This is not the result of the GUI, it is just bad OS design.

And then…. there's all of the additional disk space used to store documents containing countless screen shots of all the GUI-based configuration and setup options. A text list or table of variables and corresponding values stored in a single configuration file name represented by a single string of text with a full path takes up A HELL OF A LOT less space in your documentation.
As well as promoting mediocrity MS are also promoting the wholesale and wasteful consumption of disk space.
Being now a Linux user (server and desktop) for 4 years and an MS Windows user/admin before that since the late 80's I can safely say that Windows, really is, awful to administer/secure as a server platform. It actually takes exposure to CLI environments and Linux/Unix based server systems to make you realise and appreciate this.

"Pointed?" "Accurate?" More like jealous, I would say. Windows will be here, (and successful), long after Linux is history. Deal with it. Btw, I`m posting this from Ubuntu Ultimate 2.9 with a custom-built kernel. Not a hater, just a realist.

I cannot access my Banco do Brasil account on the internet. Even if I use a virtual machine to run Windows XP, their 2.7 MB Security Package installed, whenever I try to access my account, it requires me to install that damn Security Package again, all through Internet Explorer.
These people who only understand money, are stupid.

a) A computer is capable of millions of functions and or decisions.
b) Putting all of those options in a GUI is impossilbe and would make the GUI completely unusable.
c) Windows must be "simple" to use. Therefore
d) It offers only a fraction of what the machine is capable of or
e) is overcomplicated and too difficult to administer.
The truth is that Linux is light years ahead of Windows. It caters to any and all configuration options while providing great GUI's for applications (where the GUI is useful).
It's so sad that MS has dumbed the general population of all computer knowledge. Where users could have learned and become productive over the past 25 years they instead have become lazy and useless. How many hours a day does the general office worker waste waiting for Windows to reboot or virus scan. I see it in my own office. Hours and hours times thousands of employees of lost time every day. It's criminal.

Very good (and truthful) article. I've been in IT for over 13 years, and over that time I've used Windows and Linux extensively. Eventually, out of frustration, I've gone to 100% using Linux because it is far superior. I've become tired of maintaining Windows and spending all-nighters sitting in front of Windows servers doing repairs and re-installs. With Linux, you no longer need to deal with the maintenance nightmare. Not to mention, Linux is far more stable and secure. I too have been replacing Windows systems for people that I know with Fedora Linux systems, and the reception has been very good. The only issues I have come across are from ignorant websites and software that were coded using Microsoft technologies and are imcompatible with other operating systems other than Windows. However since Linux is open source, it can adapt and workarounds can be implemented.

I like GUIs. But I also like the flexibility of using CLI when needed. And I think the worst aspect of MS Windows O/S was the removal of DOS underneath Windows 3.11 and the reliance on GUIs. It was during the XP era that I switched to Ubuntu and I like the ability to do the day to day stuff with a GUI, but when something goes wrong, I can get into the heart of the O/S and fix it, patch it, reconfig it. Pretty essential to being an efficient user these days.

Most people are too lazy to read things. Let us suppose some one as writing
something in some text editor. After a while this person wants to print the text and click on the Printing Button.
One box appear in the monitor with 2 buttons: one with YES and other with NO.

This person click NO and the printer don't work, try again and them click YES and . guess what !!!!, nothing.

This person get the phone and call the support. After a few minutes, the support gui ask to the user : "Read the message to me".

user awnser: "Your printer is turned off. Click NO to cancel or turned on
your printer and them click YES".

Sorry for a long story !!

This is just a simple example. Most people are too lazy to read, what they
want is just "click, click, done". This must be changed.

I have slackware installed on my machine since 2000, I read a lot before
install. When I told to a friend, he say : "I don't wanna read, I wanna use"….

COME ON !!!!…. after a few months and a lot of persuasion, he installed
fedora. He tried ubuntu, and hate it.